[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] NAT question
Rajesh, You need to add an ARP statement to the fw. This configuration is a very poor design. You should never allow direct access to your internal network from the public world. I would hope you would reconsider doing this and explain to who-ever is making decisions there to also think harder about it. Robert (BTW, I see you successfully have your Apache server running ;) - - Robert P. MacDonald, Network Engineer e-Business Infrastructure G o r d o n F o o d S e r v i c e Voice:email: [email protected] >>> Rajesh Bandar <[email protected]> 9/5/00 8:47:19 PM >>> > >Hi, > >I have a checkpoint firewall running on a solaris 2.6 machine. I have a web >server running in the internal network (private IP address). Is there anyway >I can allow people on the internet to access the web server. Due to some reasons >I can't put the webserver in DMZ. If I am right I need to do NAT for the web >server host and allow http service. > >I tried the following but it didn't work: > >1. I did NAT for the web server (172.16.0.9 translated to 202.0.106.132). > >2. route add 202.0.106.132 172.16.0.9. > >3. ANY-->WEBSERVER--->HTTP---->ACCEPT(firewall rule). > >But it doesn't work. I can't even ping 202.0.106.132 from the firewall machine. >Did I make any mistake. Please someone reply as soon as possible. > >Thanks, >Rajesh. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|